Job description / Role
Over the past 100 years, IBMers all over the globe have helped make the world work better and smarter. In this new era of Cognitive Business, IBM is helping to reshape industries by bringing together our expertise in Cloud, Analytics, Security, Mobile, and the Internet of Things: Changing how we create, collaborate, analyze and engage. From transforming healthcare to improving the retail shopping experience - it's what IBMers do. As we tackle the world's biggest challenges, our company continues to grow, we're looking for talented professionals to join us in this new era.
Join us and be part of a diverse and global team of thinkers and doers - people who want to make an impact, cultivate their expertise and collaborate with some of the world's top business and technology professionals.
Your Role and Responsibilities
The Security Architect must serve as technology and solution advisers with pragmatic experience in both IT Security, OT Security, Cloud Security and other Emerging security technologies. These architects will act in many ways as technology consultants that can speak to the security landscape, architectural models and solutions credibly, and possess the ability to discuss and present technical security solutions to senior members of a client team.
The architect needs proven knowledge and experience with designing Enterprise Security Architecture, architecture standards, blueprints, design patterns etc. In addition, a Security Architect must have knowledge and experience with Risk assessments, Governance and Compliance, Policy Lifecycle, Security Operations Center concepts, processes etc.
Description of Skills
Security Domain Skills
The position of a Security Architect should also be able to speak to the breadth of an entire security program landscape at an introductory level. This position requires subject matter expertise through delivery of workshops, as a member of consulting engagements, and as leader on solution design and deployment projects.
The architect managing consultant should be knowledgeable in:
- Security architecture methodologies such as The Open Group Architecture Framework, SABSA, IEC 62443 etc.
- Generate high quality artifacts such as requirements artifacts, high level and detailed designs and deployment plans.
- A proven record of security thought leadership and be recognized for business and technical acumen for Security Architecture.
- Understanding of compliance issues (ISO 27001, CSA CCM, NCA ECC, SSAE 16, COBIT, NIST, PCI DSS, GDPR etc) and Regulatory requirements.
Core consulting skills
- Strong communication and presentation skills
- The ability to lead large groups and be a primary facilitator and lead.
- Strong written skills
- Comfortable working in a project based / client serving model
- Ability to lead and shape client expectations
- Help drive pursuits and engage in complex deals, matching outcomes to expectations
- Ability to work easily with diverse and dynamic teams
- Ability to work in a matrix management model
Required Technical and Professional Expertise
- At least 5 years relevant consulting experience in Security Architecture domain
- Security consulting experience across multiple client verticals, including Financial Services, Public Sector, Technology, Telecommunications, Manufacturing, Industrial & Mining etc.
- Experience in delivering IT, OT, Cloud risk assessments, developing control frameworks & security patterns
- Experience in designing \\ architecting enterprise security solutions
- Experience in developing enterprise security architecture and cybersecurity blueprints
- Solid understanding and experience working a structured solution design methodology
- Experience in Security Governance, Security Process, and Security Policy and Standards design
- Depth of knowledge in Industrial Control Systems Security
- Experience in the design and deployment of technology and solutions in Information Technology (IT), Industrial Control Systems security and the integration of Operational Technology (OT)
- Understanding of regulatory compliance requirements (NERC CIP, NIST CSF, ISA/IEC 62443, ISO 27000 Series, PCI, GDPR)
- Ensure quality delivery as per IBM/client requirements.
- Proactively identify project risks and escalate to project stakeholders Actively establish & strengthen relationships with external and internal customers
- Assist in developing knowledge assets such as methodologies, templates, white papers etc.
- Work in a team and guide less experienced members in the team
- Identify potential business opportunities on existing consulting engagements.
- Suggest ideas on improving engagement productivity and identify opportunities for improving client service
- Readiness to travel
- English: Fluent
Preferred Technical and Professional Expertise
- At least 5 years' experience in IT and Information Security
- At least 3 years' experience in ICS Security, Cloud Security
- At least 3 years' experience in a professional services firm focused on systems integration projects
- Basic knowledge in working across diverse teams to facilitate solutions
- Bachelor's degree or master's degree in technology or Cybersecurity
- Experience working with offshore teams
- Certified in CISSP, SSCP, CISA or CISM
About the Company
For more than six decades, IBM Middle East & Pakistan has played a vital role in shaping the information technology landscape of the region. Today, IBM is part of the region's technological fabric, solving real-world business and societal challenges, through its offices in UAE, Saudi Arabia, Qatar, Kuwait and Pakistan, and also a diversity of centers across the region.
Within the region, IBM currently has groundbreaking initiatives in cloud computing, analytics, mobile, security, as well as nanotechnology, eGovernment, healthcare and many more, collaborating with leading educational institutes and governments. IBM supports hundreds of clients to drive transformation through technology, contributes to regional research & development programs and has an active Corporate Service Corps (CSC) program.
Reinvention is a keyword in the company's history and, today, IBM is much more than a "hardware, software, services" company. IBM is now emerging as a cognitive solutions and cloud platform company.